<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: pi_clickandbuy_trans.php 189 2013-09-22 07:57:17Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 189 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2013-09-22 07:57:17 +0000 (Sun, 22 Sep 2013) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */
/**
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License, version 2, as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * @category  PayIntelligent
 * @package   PayIntelligent_ClickandBuy
 * @copyright (C) 2010 PayIntelligent GmbH  <http://www.payintelligent.de/>
 * @license   GPLv2
 */

require('includes/application_top.php');

// if the customer is not logged on, redirect them to the login page
if (!isset ($_SESSION['customer_id']))
	redirect(href_link(FILENAME_LOGIN, '', 'SSL'));

if ($_SESSION['customers_status']['customers_status_show_price'] != '1')
	redirect(href_link(FILENAME_DEFAULT, '', ''));

if (!isset ($_SESSION['sendto']))
	redirect(href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));

if ((not_null(MODULE_PAYMENT_INSTALLED)) && (!isset ($_SESSION['payment'])))
	redirect(href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));

// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset ($_SESSION['cart']->cartID) && isset ($_SESSION['cartID']))
	if ($_SESSION['cart']->cartID != $_SESSION['cartID'])
		redirect(href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
			
include(DIR_FS_CATALOG.'lang/'.$_SESSION['language'].'/modules/payment/pi_clickandbuy.php');

require(DIR_WS_CLASSES.'class.order.php');
$order = new order;

if(!is_object($cab)) {
	require(DIR_WS_CLASSES.'class.clickandbuy.php');
	$cab = new clickandbuy();
}

$externalID = $_GET['externalID'];
$sHash = $_GET['sHash'];
$paymentType = $_GET['paymentType'];
$partialDeliveryAmount = $_GET['partialDeliveryAmount'];

$orders = $db->db_query("SELECT * FROM ".DB_PREFIX."picab_orders WHERE externalID = '".$externalID."'");
		
$amount = $orders->fields['amount'];
$currency = $orders->fields['currency'];
$transactionID = $orders->fields['transactionID'];
$handshake = $orders->fields['handshake']; 
		
$authentication = $cab->getCabSettings($paymentType);		
$secretKey = $authentication['secretKey'];
		
$shipping_tax_rate = $cab->get_shipping_tax_rate($order);

if ($_SESSION['customers_status']['customers_status_show_price_tax'] == 0 && $_SESSION['customers_status']['customers_status_add_tax_ot'] == 1)
	$shopAmount = $order->info['total'] + $order->info['tax'];
else
	$shopAmount = $order->info['total'];	

$shopAmount = round($price->CalculateCurrEx($shopAmount, $_SESSION['currency']), $price->get_decimal_places($_SESSION['currency']));	

//Shop has tax class in shipping module add shipping tax to order total 
if ($shipping_tax_rate > 0) {
	$shipping_tax = round(($order->info ['shipping_cost'] / 100) * $shipping_tax_rate,2);
	$shopAmount = ($shopAmount + $shipping_tax);	
} 

$shopAmount = number_format($shopAmount, 2, '.', '' );
$shopCurrency = $_SESSION['currency'];

//Handshake check 
if($handshake != 0 || $handshake == "")
	$errors[] = CLICKANDBUY_ERROR_MESSAGE_7;

//Generate sHash for double check#1
$checkSHash = $cab->generateSHash($shopAmount, $shopCurrency, $externalID, $secretKey, $paymentType, $partialDeliveryAmount);

/*
echo '<br />shopAmount: '.$shopAmount;
echo '<br />shopCurrency: '.$shopCurrency;
echo '<br />externalID: '.$externalID;
echo '<br />secretKey: '.$secretKey;
echo '<br />paymentType: '.DIR_WS_CLASSES;
echo '<br />partialDeliveryAmount: '.$partialDeliveryAmount;
echo '$authentication :'.print_r($authentication);
exit();
*/


if($sHash != $checkSHash)
	$errors[] = CLICKANDBUY_ERROR_MESSAGE_8;

if(empty($errors)) {
	$statusType = 'transactionID';		
	$idList['transactionID1'] = $transactionID;			
	$requestResult = $cab->statusRequest($authentication, $statusType, $idList);
	
	if($requestResult['success'] != 1)
		$cab->redirectError($requestResult);
	else {
		$requestValues = $requestResult['values'];
		$transactionStatus = $requestValues['transactionList']['transaction']['transactionStatus'];

		redirect(href_link(FILENAME_CHECKOUT_PROCESS, 'amount='.$amount.'&checkout=success&currency='.$currency.'&externalID='.$externalID.'&paymentType='.$paymentType.'&sHash='.$sHash,'SSL'));
	}

} else {
		$errDescription = implode(";", $errors);						
		$errorMessage = CLICKANDBUY_ERROR_MESSAGE_2.$errDescription;
		
		redirect(href_link($cab->returnURL, '?error_message='.$errorMessage, 'SSL'));
}
?>